Easy Digital Downloads Security Vulnerabilities and Issues — Easy Digital Downloads CVE List

Lucene search

AwesomemotiveEasy Digital Downloads

3 matches found

CVE•added 2024/12/13 3:15 p.m.•55 views

CVE-2023-40005

Missing Authorization vulnerability in Easy Digital Downloads Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Digital Downloads: from n/a through 3.1.5.

9.8CVSS5.4AI score0.00274EPSS

CVE•added 2024/12/21 12:15 p.m.•47 views

CVE-2024-12875

The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.2 via the file download functionality. This makes it possible for authenticated attackers, with Administrator-level access ...

4.9CVSS4.9AI score0.00388EPSS

CVE•added 2024/12/17 12:15 p.m.•35 views

CVE-2024-9654

The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient validation checks within the 'verify_guest_email' function to ensure the requesting user is the intended recipient of the purchase receipt. This...

3.7CVSS4.3AI score0.00034EPSS